iPhone worm plays prank, but signals danger ahead

A prank worm circulating over jailbroken iPhones in Australia could signal increasing risks for mobile phone users.

This is the first worm to impact the mobile device, researchers said.

Users can be infected if they jailbreak the phone -- meaning they unlock the device to allow for the installation of unauthorized software -- and fail to change the default SSH password, Jamie de Guerre, CTO of messaging security firm Cloudmark, told SCMagazineUS.com on Monday.

An attacker installs the worm over the SSH port by probing the phone's TCP connection, he said.

"If the user has jailbroke their phone and didn't change the default SSH password, then they don't have to take any action to get infected," de Guerre said.

Once installed, the worm first changes the device's wallpaper to a photo of 1980s pop star Rick Astley, a common internet ruse known as "Rickrolling." Next, the device attempts to propagate to other jailbroken devices in which the user has not changed the SSH password.

The worm, which contains four variants, does not attempt to steal any personal information or perform any malicious acts, according to Sophos. It appears to have been written as an experiment, and the security firm was not aware of any outbreaks outside of Australia. However, a blog post on Intego, a Mac security firm, said Monday that the worm appears to have spread elsewhere.

Experts said that although the worm does not appear to do any harm -- except for draining battery power as it attempts to spread to other phones -- it could be a sign of things to come.

"This says there's more focus on mobile [devices] from the attacker community," de Guerre said.

An Apple spokesperson did not respond to a request for comment on Monday.